highperfocused/danswer
1
0
Fork 0
mirror of https://github.com/danswer-ai/danswer.git synced 2025-08-04 06:02:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for non-letsencrypt-based https in docker compose setup (#628)

Browse Source
This commit is contained in:
Chris Weaver
2023-10-25 20:35:47 -07:00
committed by GitHub
parent 9a51745fc9
commit a8b7155b5e
4 changed files with 189 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
deployment/data/nginx/app.conf.template
View File

@@ -70,7 +70,7 @@ server {
location / {
proxy_http_version 1.1;
proxy_buffering off;
proxy_pass http://${DOMAIN};
proxy_pass http://localhost:80;
}
ssl_certificate /etc/letsencrypt/live/${DOMAIN}/fullchain.pem;

74
deployment/data/nginx/app.conf.template.no-letsencrypt Normal file
View File

@@ -0,0 +1,74 @@
upstream api_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response
# for UNIX domain socket setups
#server unix:/tmp/gunicorn.sock fail_timeout=0;
# for a TCP configuration
# TODO: use gunicorn to manage multiple processes
server api_server:8080 fail_timeout=0;
}
upstream web_server {
server web_server:3000 fail_timeout=0;
}
server {
listen 80;
server_name ${DOMAIN};
client_max_body_size 500M; # Maximum upload size
location ~ ^/api(.*)$ {
rewrite ^/api(/.*)$ $1 break;
# misc headers
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
# need to use 1.1 to support chunked transfers
proxy_http_version 1.1;
proxy_buffering off;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://api_server;
}
location / {
# misc headers
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
proxy_http_version 1.1;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://web_server;
}
}
server {
listen 443 ssl;
server_name ${DOMAIN};
client_max_body_size 500M; # Maximum upload size
location / {
proxy_http_version 1.1;
proxy_buffering off;
proxy_pass http://localhost:80;
}
ssl_certificate /etc/nginx/sslcerts/${SSL_CERT_FILE_NAME};
ssl_certificate_key /etc/nginx/sslcerts/${SSL_CERT_KEY_FILE_NAME};
}